diff options
author | Armin Kuster <akuster808@gmail.com> | 2017-04-01 16:54:47 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2017-04-06 10:39:42 -0700 |
commit | 25f50bd5104090e849912fc1757689be32542e81 (patch) | |
tree | 67c4420613d44fc1268d2782db806b2b505c9920 /recipes-kernel/linux | |
parent | 8f0f8eeea805e98169fd2711729ac78a85d555ea (diff) | |
download | meta-security-25f50bd5104090e849912fc1757689be32542e81.tar.gz |
linux-yocto: add 4.10 kernel support
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'recipes-kernel/linux')
4 files changed, 36 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-yocto-4.10/apparmor.cfg b/recipes-kernel/linux/linux-yocto-4.10/apparmor.cfg new file mode 100644 index 0000000..1dc4168 --- /dev/null +++ b/recipes-kernel/linux/linux-yocto-4.10/apparmor.cfg | |||
@@ -0,0 +1,13 @@ | |||
1 | CONFIG_AUDIT=y | ||
2 | CONFIG_AUDITSYSCALL=y | ||
3 | CONFIG_AUDIT_WATCH=y | ||
4 | CONFIG_AUDIT_TREE=y | ||
5 | # CONFIG_NETFILTER_XT_TARGET_AUDIT is not set | ||
6 | CONFIG_SECURITY_PATH=y | ||
7 | # CONFIG_SECURITY_SELINUX is not set | ||
8 | CONFIG_SECURITY_APPARMOR=y | ||
9 | CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 | ||
10 | CONFIG_SECURITY_APPARMOR_HASH=y | ||
11 | CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y | ||
12 | CONFIG_INTEGRITY_AUDIT=y | ||
13 | # CONFIG_DEFAULT_SECURITY_APPARMOR is not set | ||
diff --git a/recipes-kernel/linux/linux-yocto-4.10/smack-default-lsm.cfg b/recipes-kernel/linux/linux-yocto-4.10/smack-default-lsm.cfg new file mode 100644 index 0000000..b5c4845 --- /dev/null +++ b/recipes-kernel/linux/linux-yocto-4.10/smack-default-lsm.cfg | |||
@@ -0,0 +1,2 @@ | |||
1 | CONFIG_DEFAULT_SECURITY="smack" | ||
2 | CONFIG_DEFAULT_SECURITY_SMACK=y | ||
diff --git a/recipes-kernel/linux/linux-yocto-4.10/smack.cfg b/recipes-kernel/linux/linux-yocto-4.10/smack.cfg new file mode 100644 index 0000000..62f465a --- /dev/null +++ b/recipes-kernel/linux/linux-yocto-4.10/smack.cfg | |||
@@ -0,0 +1,8 @@ | |||
1 | CONFIG_IP_NF_SECURITY=m | ||
2 | CONFIG_IP6_NF_SECURITY=m | ||
3 | CONFIG_EXT2_FS_SECURITY=y | ||
4 | CONFIG_EXT3_FS_SECURITY=y | ||
5 | CONFIG_EXT4_FS_SECURITY=y | ||
6 | CONFIG_SECURITY=y | ||
7 | CONFIG_SECURITY_SMACK=y | ||
8 | CONFIG_TMPFS_XATTR=y | ||
diff --git a/recipes-kernel/linux/linux-yocto_4.10.bbappend b/recipes-kernel/linux/linux-yocto_4.10.bbappend new file mode 100644 index 0000000..35a32b6 --- /dev/null +++ b/recipes-kernel/linux/linux-yocto_4.10.bbappend | |||
@@ -0,0 +1,13 @@ | |||
1 | FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-4.10:" | ||
2 | |||
3 | # TPM kernel support | ||
4 | KERNEL_FEATURES_append += "${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' features/tpm/tpm.scc', '', d)}" | ||
5 | |||
6 | SRC_URI += "\ | ||
7 | ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor.cfg', '', d)} \ | ||
8 | " | ||
9 | |||
10 | SRC_URI += "\ | ||
11 | ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack.cfg', '', d)} \ | ||
12 | ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack-default-lsm.cfg', '', d)} \ | ||
13 | " | ||